this post was submitted on 30 Apr 2026
753 points (99.0% liked)

Technology

84256 readers
3874 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
753
A federal agent said WhatsApp's encryption is a lie. Then the investigation was shut down (www.techspot.com)
submitted 1 day ago by throws_lemy@reddthat.com to c/technology@lemmy.world
86 comments fedilink hide all child comments
 

A 10-month Commerce Department probe concluded Meta could view all WhatsApp messages in unencrypted form

you are viewing a single comment's thread
view the rest of the comments
[โ€“] GamingChairModel@lemmy.world 70 points 23 hours ago (1 children)

Here's the original reporting, instead of another website's summary of Bloomberg's actual report:

https://www.bloomberg.com/news/articles/2026-04-28/us-ends-investigation-into-claims-whatsapp-chats-aren-t-private

https://archive.is/sGE3e

So it sounds like the agent was investigating allegations, from content moderation contractors, that Meta could access the contents of WhatsApp messages, and came to the conclusion that yes, Meta could.

There are a few possibilities here.

  1. Meta does have full plain text access to all Whatsapp messages, but guards that access very closely. Although the clients seem to generate E2EE keys for each session, somehow they're leaking those keys to Meta's servers somewhere, and the closed source code sufficiently hides that so that there's no whistleblower or security researcher able to detect this definitively.
  2. Meta has a secret wiretap functionality where they can compromise the E2EE keys somehow, but uses it only for narrow cases. This helps keep the functionality secret, because security researchers and other reviewers may never see the functionality in action.
  3. Meta allows users to report objectionable content in the threads they're already part of. The reporting function either forwards the E2EE key itself, or all the plaintext data, that gives content moderators access to the underlying message contents. The contractor whistleblowers and the federal agent investigating these allegations simply got it wrong, and misunderstood the technical process of how the plaintext messages end up in the content moderator's possession.

Meta claims that it's #3. They acknowledge they have plaintext access to messages when a party to the thread presses the report button.

This unnamed federal agent believes it's #1, after 10 months of investigation, and sent out an email to other investigators that they should look into that possibility.

I'm skeptical of #1, simply because I don't believe that conspiracies to keep that kind of stuff secret can be maintained. It's not just that there would be technically skilled whistleblowers who have actual access to the code (not the non-technical content moderator contractors who review the content), but a weakness in such an important and widely used protocol would attract all sorts of hackers, state sponsored or otherwise.

But option #2 might explain everything we've seen so far. Full wiretap capability that is rarely used and very tightly controlled.

[โ€“] flambonkscious@sh.itjust.works 3 points 12 hours ago

Thanks for the sane interpretation of the situation!